Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Most people know of computer viruses. You should always have an anti-virus system running. It should have updated virus signature files downloaded daily for broadband and weekly for dialup connections. You should not have more than one anti-virus system active at any one time.
Many of you have probably heard of the recent viruses that caused havoc on the internet: Blaster, Welchia, Slammer, CodeRed, Nimda, and, most recently, Swen. While these can cause damage to your computer if you get infected, there are some simple steps you can take to greatly reduce your chances of infection.

First: what is a virus and how does one get infected?

A virus, much like the medical term, is a bit of software code that is self replicating. It need not do anything harmful or malicious, it just needs to reproduce itself. Some viruses attach themselves to the first sectors of Floppy disks, which is automatically read when you open a floppy. Most these days come through the internet. A virus is unique in that it infects other files, and then gets passed along with them, much like a virus infects a cell in your body. A virus doesn't necessarily need a security hole to work- as you can be the one who starts it spreading. There are different types of viruses, named after the different ways in which they operate and which files they infect. All operate in a similar manner.

Another common malicious program, often labeled a virus by the mass media, is a worm. The difference between worms and viruses is subtle, but a good description is this: worms tend to break into computers and focus on spreading themselves to other computers as rapidly as possible. Viruses tend to sneak in, while worms tend to force their way in. Worms often work their way into a computer without any user action necessary. Thus, Blaster is technically termed a Worm, as it broke into computers through a hole in Windows and ran itself and spread to other computers automatically.

What is believed is the most common malicious code is what is termed a 'Trojan Horse'. Much like the legend, a computer trojan is a program that pretends to be one thing but is actually another, tricking the user into running it. Note that a trojan is harmless until you open it; it can't infect you automatically. Many trojans open back doors to your computer so that crackers can get into your system and use it for various things, like sending spam across the internet.

Note that the types of program aren't defined by what sort of damage they do, but by how they infect computers and how they spread. One type is not intrinsically worse than another, and all of them can do things such as delete all of your files, pop up annoying messages, or make your computer run more slowly.

So, you might be asking- how can I protect myself?

1) Run an Antivirus program, and keep it up to date!Several companies produce anti virus products. While some are getting better at detecting new viruses automatically, they aren't truly effective until the data file that stores information about known viruses includes the virus to protect against. Thus, it is imperative that you update your 'virus definitions' often, and immediately after a major virus/worm/trojan is released.

Of those listed, Norton is the most popular. Many security junkies swear by Kapersky or Nod32. AVG is liked by many as it has a free version.

An antivirus program will automatically scan files on your computer as they are opened and modified, and isolate them from the rest of your system if they become infected. In this way you are protected. Note that they are not 100% effective, so you need to take some additional steps to help:

2) Update Windows often!The blaster worm and almost all worms use vulnerabilities to spread. A patch for windows was out 25 days before blaster broke. Had you installed the patch, you would have been protected. Windows XP can automatically download updates and then prompt you to install them if you want, which keeps you from having to check all of the time. If you want, you can always use http://windowsupdate.microsoft.com to check for updates (this works for all version from win98)

3) Don't open files from people you don't know, and don't open email attachments that you aren't expecting.Many worms and viruses will harvest a list of all of the email addresses in your address book and then send a copy of themselves to those addresses. If someone sends you an attachment via email and you weren't expecting it, don't open it until you ask them if they meant to send it. If you get an attatchment from someone you don't know, don't open it. Swen, an email virus, pretends that it is a patch from Microsoft. Note that most antivirus programs can scan email as it arrives, which will help some what.

If you believe you are infected with a virus, don't go out and buy an AV program. Installing new programs can sometimes cause the virus to do more damage before you can get at it. Several AV companies are now offering free internet scans, which allow you to see if you are infected.

Spyware is software that when loaded and running on your computer will do things such as record your surfing habits, upto finding your passwords, bank information and other personnel information and sending the information back to the program makers internet site. Adware is similar in that it arranges for adverts to appear on your machine, sometimes based on what you are doing or what site you are visiting.

We advise you to have both of these as in use we find that they each sometimes find spys or ads that the other has missed. With both of these do run the updates to get the latest signature files, then close and reopen the programs to use the latest updated signature files. The free version of ad-aware does not run in the background, but spybot has a teatimer function that does.

Also IE-Spyad to add sites to your restricted sites list, to stop you ever going to them. Available from here

SpywareBlaster protects against bad ActiveX. Available from here It places kill bits to stop bad active X controls from being installed. Remember to update it regularly.

CWShredder is a special remover for CWS infection, can be used to remove some spyware that is not removed by Spybot S&D and/or Ad-Aware. Remember to update it regularly. Available here.

SpywareGuard runs like your Anti-Virus program in the background to stop, Browser Helper Objects (BHO's) from installing, available From Here. Remember to update it regularly.

A little advice on KaZaA. If you uninstall it, you only remove KaZaA itself, all the little gremlins you read about stay behind. To kill them all off, download and run AdAware or SpyBot. When that is done, Find a new p2p file from the following list :-

One of the best things you can do for your PC is to regularly visit the Windows Update Site
(use Internet Explorer, Menu, Tool, Windows Update)
lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
Update your machine, and they have one less helper, and you have one less headache.

Update ALL Critical updatesAny other Windows updates for services/programs that you use.
Driver updates get from your vendor of the equipment.(Some advise to wait a day or two, visit a forum - like DellTalk - and see if others have any problems before doing them yourself).

Note that it will download them for you, but you still have to actually click install. Support staff have cleaned the blaster worm out of several computers who didn't have the patch installed, even though windows had already downloaded for them. If they had only clicked 'install' they would have been fine.

Are you running a firewall on your machine? You should be! Without any firewall protection, you are at a much higher risk of being attacked/cracked through the internet. Example: Windows, by default, allows connections on port 135/139. If I know your IP address I can easily get a list of users on your machine through that connection. If any of them are using weak passwords, it will take less than a few hours to crack, and then I will have full access as that user. The blaster worm and the welchia worm connected through ports 135 and 139 as well. When you run a firewall, it hides your computer online such that it only shows itself when you initiate a connection. If you aren't running any servers, this is what you want, as hackers can't see or access your computer.

You can test to see what ports that are open or showing at one of these sites:

At the very least, enable the internet connection firewall (ICF) that is built into Windows XP- it doesn't protect programs from getting out, but it keeps bad stuff from getting in. The ICF would have protected you from Blaster and Welchia Virus's

XP firewall : Go to Start, Control Panel, Network Connections. Right-click on your connection and choose Properties. The Advanced tab will indicate whether or not the XP Firewall has been activated.

If you are behind a router, you are safer, as the NAT feature of the router will discard all unsolicited traffic that arrives. However, it does not completely protect you, as trojans and other things can still get out. Some routers, like the TM2300, include a built in firewall. A belkin router has a pretty capable firewall. Check with the maker of your router to see if it has a firewall.

For those who want something more secure than ICF recommend are one of the following:

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.